A hierarchical peer-to-peer(P2P)model and a data fusion method for network security situation awareness system are proposed to improve the efficiency of distributed security behavior monitoring network.The single po...A hierarchical peer-to-peer(P2P)model and a data fusion method for network security situation awareness system are proposed to improve the efficiency of distributed security behavior monitoring network.The single point failure of data analysis nodes is avoided by this P2P model,in which a greedy data forwarding method based on node priority and link delay is devised to promote the efficiency of data analysis nodes.And the data fusion method based on repulsive theory-Dumpster/Shafer(PSORT-DS)is used to deal with the challenge of multi-source alarm information.This data fusion method debases the false alarm rate.Compared with improved Dumpster/Shafer(DS)theoretical method based on particle swarm optimization(PSO)and classical DS evidence theoretical method,the proposed model reduces false alarm rate by 3%and 7%,respectively,whereas their detection rate increases by 4%and 16%,respectively.展开更多
基金Supported by the National Natural Science Foundation of China(61370212)the Research Fund for the Doctoral Program of Higher Education of China(20122304130002)+1 种基金the Natural Science Foundation of Heilongjiang Province(ZD 201102)the Fundamental Research Fund for the Central Universities(HEUCFZ1213,HEUCF100601)
文摘A hierarchical peer-to-peer(P2P)model and a data fusion method for network security situation awareness system are proposed to improve the efficiency of distributed security behavior monitoring network.The single point failure of data analysis nodes is avoided by this P2P model,in which a greedy data forwarding method based on node priority and link delay is devised to promote the efficiency of data analysis nodes.And the data fusion method based on repulsive theory-Dumpster/Shafer(PSORT-DS)is used to deal with the challenge of multi-source alarm information.This data fusion method debases the false alarm rate.Compared with improved Dumpster/Shafer(DS)theoretical method based on particle swarm optimization(PSO)and classical DS evidence theoretical method,the proposed model reduces false alarm rate by 3%and 7%,respectively,whereas their detection rate increases by 4%and 16%,respectively.
